1
|
<?xml version="1.0"?>
|
2
|
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
|
3
|
|
4
|
<!-- ============================================================= -->
|
5
|
<!-- Configure a TLS (SSL) Context Factory -->
|
6
|
<!-- This configuration must be used in conjunction with jetty.xml -->
|
7
|
<!-- and either jetty-https.xml or jetty-spdy.xml (but not both) -->
|
8
|
<!-- ============================================================= -->
|
9
|
<Configure id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
|
10
|
<Set name="KeyStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.keystore" default="etc/keystore"/></Set>
|
11
|
<Set name="KeyStorePassword"><Property name="jetty.keystore.password" default="OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4"/></Set>
|
12
|
<Set name="KeyManagerPassword"><Property name="jetty.keymanager.password" default="OBF:1u2u1wml1z7s1z7a1wnl1u2g"/></Set>
|
13
|
<Set name="TrustStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.truststore" default="etc/keystore"/></Set>
|
14
|
<Set name="TrustStorePassword"><Property name="jetty.truststore.password" default="OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4"/></Set>
|
15
|
<Set name="EndpointIdentificationAlgorithm"></Set>
|
16
|
<Set name="ExcludeCipherSuites">
|
17
|
<Array type="String">
|
18
|
<Item>SSL_RSA_WITH_DES_CBC_SHA</Item>
|
19
|
<Item>SSL_DHE_RSA_WITH_DES_CBC_SHA</Item>
|
20
|
<Item>SSL_DHE_DSS_WITH_DES_CBC_SHA</Item>
|
21
|
<Item>SSL_RSA_EXPORT_WITH_RC4_40_MD5</Item>
|
22
|
<Item>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
|
23
|
<Item>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
|
24
|
<Item>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</Item>
|
25
|
</Array>
|
26
|
</Set>
|
27
|
|
28
|
<!-- =========================================================== -->
|
29
|
<!-- Create a TLS specific HttpConfiguration based on the -->
|
30
|
<!-- common HttpConfiguration defined in jetty.xml -->
|
31
|
<!-- Add a SecureRequestCustomizer to extract certificate and -->
|
32
|
<!-- session information -->
|
33
|
<!-- =========================================================== -->
|
34
|
<New id="sslHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
|
35
|
<Arg><Ref refid="httpConfig"/></Arg>
|
36
|
<Call name="addCustomizer">
|
37
|
<Arg><New class="org.eclipse.jetty.server.SecureRequestCustomizer"/></Arg>
|
38
|
</Call>
|
39
|
</New>
|
40
|
|
41
|
</Configure>
|